Experiment Name: PPP PAP (CHAP) authentication
Experimental Purpose: Mastering the process and configuration of PPP PAP (CHAP) authentication
Background description: You are the company's network administrator, the company in order to meet the growing business needs, the application of a dedicated line access, your customer
The client router authenticates with the ISP when it negotiates the link, configures the router to ensure that the link is established, and considers its security
Of
Requirements Analysis: Ensure security validation during link negotiation. The user name and password are transmitted in clear text when the link is negotiated.
Experimental topology:
650) this.width=650; "Src=" Http://s4.51cto.com/wyfs02/M00/8A/DA/wKiom1g9PGnDy_ExAABtvcKTb08617.png-wh_500x0-wm_3 -wmp_4-s_1077767645.png "style=" Float:none; "title=" experimental picture. png "alt=" wkiom1g9pgndy_exaabtvcktb08617.png-wh_50 "/>
(The lab port is s 2/0)
"Experimental principle"
The PPP protocol is located at the data link layer of the OSI seven layer model, and the PPP protocol is divided into two sub-layers according to function: LCP,
Ncp. LCP is primarily responsible for chain
Road negotiation, establishment, callback, authentication, data compression, multi-link bundling and other functions.
The NCP is primarily responsible for negotiating with upper-level protocols to provide services for network-layer protocols.
The authentication function of PPP refers to the authentication of the password in the process of establishing the PPP link, verifying that by establishing the connection,
Verify that the link is not removed by removing it.
The PPP protocol supports two authentication methods, PAP and CHAP. PAP (Password authentication Protocol,
Password Authentication protocol) refers to verifying that both parties complete the verification process through two handshakes, which is a
A method for authenticating a user on a Point protocol server. The authentication request is initiated by the authenticated party, which contains the validated
User name and password. A reply is made after validation by the verifier, either through validation or validation failure. During the authentication process, the user name and secret
The code is transmitted on the link in clear text mode.
Specific implementation code:
650) this.width=650; "Src=" Http://s5.51cto.com/wyfs02/M02/8A/DA/wKiom1g9PGjwhn5gAABUle3ZcJ8374.png-wh_500x0-wm_3 -wmp_4-s_3338480092.png "style=" Float:none; "title=" code. png "alt=" wkiom1g9pgjwhn5gaabule3zcj8374.png-wh_50 "/>
Where CHAP's configuration is basically consistent with PAP
Verify:
650) this.width=650; "Src=" Http://s1.51cto.com/wyfs02/M01/8A/D5/wKioL1g9PGegin8EAABDIp9J11c136.png-wh_500x0-wm_3 -wmp_4-s_1047186488.png "style=" Float:none; "title=" a verify. png "alt=" wkiol1g9pgegin8eaabdip9j11c136.png-wh_50 "/>
This article is from "Sorry, your WiFi has been disconnected ~" blog, declined reprint!
PPP PAP (CHAP) authentication